Judge Orders FBI To Turn Over Information On How Many People Around The World It Snagged With Its Playpen NIT
from the malware-whereabouts dept
This might be big, depending on how much of this information is passed on to the general public, rather than delivered ex parte or under seal. Joseph Cox of Vice/Motherboard was the first to snag this ruling [PDF] by a Washington district court judge ordering the FBI to turn over tons of info about the NIT it deployed in the Playpen child porn investigation.
As we’re already aware, the NIT was deployed by the FBI in Virginia but obtained identifying information about Tor-cloaked site visitors not just all over this country, but all over the world. The motion to compel discovery asked for several details about the NIT and its deployment and most of them have been granted.
Here’s the full list (with additional commentary):
1. All records related to the Government’s review and approval of Operation Pacifier.
The Court has taken this discovery request under advisement. An order is soon forthcoming.
2. Copies of any reports made to the National Center for Missing and Exploited Children (NCMEC) regarding child pornography posted on the Playpen web site.
Defendants’ motions are granted.
3. Copies of any notifications that were sent to victims by the Government for obtaining restitution related to images that were posted on, or distributed from, the Playpen web site.
Defendants’ motions are granted.
4. The number of new images and videos (i.e. content not previously identified by NCMEC) that was posted on the site between February 20, 2015 and March 5, 2015.
Defendants’ motions are granted.
(This information — whether or not actually useful in suppression motions — should at least provide some insight into how much additional child porn made its way to site visitors as a result of the FBI’s decision to seize [and act as administrators of] the server, rather than shut it down. Information obtained in other court cases suggests the FBI not only acted as hosts during the NIT deployment, but actually made the site faster and more responsive.)
5. The names of all agents, contractors or other personnel who assisted with relocating, maintaining and operating Playpen while it was under Government control.
Defendants’ motions are granted.
6. Copies of all notes, emails, reports, postings, etc. related to the maintenance, administration and operation of Playpen between February 20, 2015 and March 5, 2015.
Defendants’ motions are granted.
(Again, this info could confirm whether or not the FBI improved the child porn site’s performance during its two-week turn as administrators, as well as provide additional insight into how much child porn distribution was aided and abetted by the agency.)
7. Copies of all legal memoranda, emails and other documents related to the legality of the FBI’s operation of Playpen (and the distribution of child pornography by the Government), including requests for agency/departmental approvals of the undercover operation of Playpen and any communications with Main Justice or the Office of General Counsel at the FBI.
The Court has taken this discovery request under advisement. An order is soon forthcoming.
(This would be the government’s legal rationale for running a child porn site rather than shutting it down. Chances are this will remain under seal and is probably FOIA-proof, as most legal guidance documents are.)
8. Copies of all correspondence, referrals and other records indicating whether the exploit used in the Playpen operation has been submitted by the FBI or any other agency to the White House’s Vulnerability Equities Process (VEP) and what, if any, decision was made by the VEP.
The Court has taken this discovery request under advisement. An order is soon forthcoming.
(Little is known about the government’s actual handling of the VEP. On one hand, we have public statements which pay lip service to not screwing US companies by hoarding vulnerabilities. On the other hand, we have the exact opposite in practice.)
9. Copies of invoices and other documents for the hosting facility/facilities where the Government operated the Playpen server, the server from which the Government delivered the NIT malware and the server that NIT targets sent their identifying information back to, including documents revealing whether the Government informed the hosting provider(s) that child pornography would be stored in their facility or transmitted over their networks.
Defendants’ motions are granted. To the extent that the Playpen hosting provider was the Government, not a private party, it appears there may not be much discovery responsive to this request.
(There may be nothing here. Or there could be third party hosts involved who were never informed about their participation in the FBI’s sting operation. If so, fun times ahead for the US government.)
10. The number of Playpen-related investigations that have been initiated but did not result in criminal charges, beyond the approximately 200 cases now pending across the country.
Defendants’ motions are granted.
(Another can of worms the FBI would probably like to remain closed. According to the government’s own arguments in these cases, users would have connected to the site for a single purpose: to engage in criminal activity. A lack of charges would be a surprise and somewhat undermine the government’s assertions about the criminal intent of visitors to the site.)
11. The total number of IP addresses and MAC IDs that were seized during the time the FBI was operating Playpen, over and above those related to these approximately 200 pending cases.
Defendants’ motions are granted.
12. The number of IP addresses and MAC IDs obtained during the investigation from foreign computers and the countries in which this data was obtained.
Defendants’ motions are granted.
(These are the potential goldmine. This will show how far-flung the FBI’s net actually was, as well as provide more ammo for suppression motions predicated on Rule 41 jurisdictional limitations. The FBI is well aware it can’t perform searches outside the jurisdiction covered by the warrant, but it chose to do so anyway. So far, its evidence has mostly held up, thanks to courts deciding suppression isn’t the correct remedy, or crediting the FBI for unearned “good faith.” The FBI and DOJ are pushing for changes to Rule 41 that eliminate the jurisdictional limits, so it’s disingenuous for the agency to claim its agents acted in good faith when securing the warrant.)
This now becomes the Playpen case to watch, even if most of this information is likely to remain in the hands of defense lawyers only. Dismissal and suppression motions will contain references to the content of these documents, however, which will shed more light on the FBI’s NIT deployment and its child porn site administration.
Filed Under: doj, eavesdropping, fbi, malware, nit, playpen, rule 41, warrants
Comments on “Judge Orders FBI To Turn Over Information On How Many People Around The World It Snagged With Its Playpen NIT”
Standard 2-step process
1) Judge Orders FBI
2) FBI Ignores Order
Business as usual…
Re: Standard 2-step process
3) DOJ appeals the order
4) FBI ignores order anyway
More business as usual
Re: Re: Standard 2-step process
5) Court decides to punish FBI for ignoring the order by retracting the “good faith” benefit.
6) Evidence gets suppressed.
7) Case is lost or dismissed for lack of evidence.
Business as usual?
Re: Re: Re: Standard 2-step process
More likely scenario is if they don’t get the rulings they want, the DOJ will dismiss the charges to avoid setting an adverse precedent while complaining loudly and frequently that the laws need to be changed to keep child molesters and terrorists from getting away with it.
Re: Standard 2-step process
FBI’s motto is “Fidelity, Bravery, Integrity”.
They have refused to comply with court orders before. There is no accountability to penalize them if they do it again.
Why exactly would anyone expect a terrorist organization like the FBI to be honest and respect what they are ordered to do this time compared to any other.
We need to catch more criminals...
Well lets drum up some more crime!
I no longer accept that people are guilty as charged. The DA will shock the fuck out of ‘suspects’ with charges to the point where they either plead guilty or face a full frontal onslaught of government corruption ruining their life even further!
We don’t even consider that someone might be guilty, we just need the “last mite”.
Re: We need to catch more criminals...
If you’re of the belief that everyone’s a criminal, then you just make laws that ensure such. The provlems start when your enforcement agency decides it just doesn’t need to play by the rules.
>>> 7. Copies of all legal memoranda, emails and other documents related to the legality of the FBI’s operation of Playpen (and the distribution of child pornography by the Government), including requests for agency/departmental approvals of the undercover operation of Playpen and any communications with Main Justice or the Office of General Counsel at the FBI.
The Court has taken this discovery request under advisement. An order is soon forthcoming.
(This would be the government’s legal rationale for running a child porn site rather than shutting it down. Chances are this will remain under seal and is probably FOIA-proof, as most legal guidance documents are.)
Re: Re:
Makes me wonder how much of those pedo pictures ended up saved to private folders among the FBI
Re: Re: Re:
well they needed to get the new content they posted from somewhere…
FBI,CIA, a couple of dinosaurs from another era. We have the NSA today. Bring them all under one roof Then quit breaking the law and using the excuse that we broke the law in order to enforce the law. Justice is blind, not deaf and dumb.
The real question
What I want to knoww is how many politicians and high-ranking military officers went to the site and who they are . That would be interesting to see.
Re: The real question
Exactly